<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" 
          "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>QUnit for Cryptographic Provider Class 'crypto.js' for ECDSA test</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<script type="text/javascript" src="jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="qunit.js"></script>
<link rel="stylesheet" href="qunit.css" type="text/css" media="screen" />

<script src="../ext/cj/cryptojs-312-core-fix.js"></script>
<script src="../ext/cj/x64-core.js"></script>
<script src="../ext/cj/cipher-core_min.js"></script>
<script src="../ext/cj/aes_min.js"></script>
<script src="../ext/cj/tripledes_min.js"></script>
<script src="../ext/cj/enc-base64_min.js"></script>
<script src="../ext/cj/md5_min.js"></script>
<script src="../ext/cj/sha1_min.js"></script>
<script src="../ext/cj/sha256_min.js"></script>
<script src="../ext/cj/sha224_min.js"></script>
<script src="../ext/cj/sha512_min.js"></script>
<script src="../ext/cj/sha384_min.js"></script>
<script src="../ext/cj/ripemd160_min.js"></script>
<script src="../ext/cj/hmac_min.js"></script>
<script src="../ext/cj/pbkdf2_min.js"></script>

<!-- for rsapem -->
<script src="../ext/jsbn.js"></script>
<script src="../ext/jsbn2.js"></script>
<script src="../ext/base64.js"></script>
<script src="../ext/prng4.js"></script>
<script src="../ext/rng.js"></script>
<script src="../ext/rsa.js"></script>
<script src="../ext/rsa2.js"></script>
<script src="../ext/ec.js"></script>
<script src="../ext/ec-patch.js"></script>
<script src="../src/base64x-1.1.js"></script>
<script src="../src/asn1hex-1.1.js"></script>
<script src="../src/asn1-1.0.js"></script>
<script src="../src/crypto-1.1.js"></script>
<script src="../src/ecdsa-modified-1.0.js"></script>
<script src="../src/ecparam-1.0.js"></script>
<script src="../src/keyutil-1.0.js"></script>

<script type="text/javascript">
<!--
$(document).ready(function(){

// ======= TEST ===============================================================

test("ECDSA signing simple test1 (secp256r1,aaa,SHA256withECDSA)", function() {
  var ecprv = new KJUR.crypto.ECDSA({'prv': '11b5737cf9d93f17c0cb1a84655d3995a02824097effa5edd8ee26381eb5d6c3', 'curve': 'secp256r1'});
  var sig = new KJUR.crypto.Signature({"alg": "SHA256withECDSA", "prov": "cryptojs/jsrsa"});
  sig.init(ecprv);
  sig.updateString("aaa");
  var sigValueHex = sig.sign();
  equal(sigValueHex.substr(0, 2), "30", "sign aaa SHA256withECDSA secp256r1");
});

test("ECDSA verify test1 (secp256r1,aaa,SHA256withECDSA)", function() {
  var ecpub = new KJUR.crypto.ECDSA({'pub': '04a01532a3c0900053de60fbefefcca58793301598d308b41e6f4e364e388c2711bef432c599148c94143d4ff46c2cb73e3e6a41d7eef23c047ea11e60667de425', 'curve': 'secp256r1'});
  var sig = new KJUR.crypto.Signature({"alg": "SHA256withECDSA", "prov": "cryptojs/jsrsa"});
  sig.init(ecpub);
  sig.updateString("aaa");
  var result = sig.verify('3045022100f729843c8bb5f285380ef5e4d708608d7449dadfa50129112668e972d30f210b0220051c589f0ebdad7a41370e9d9ce405734e854788387f21997028312a305ddae8'); // k1.sig.aaa.1
  equal(result, true, "verify aaa SHA256withECDSA secp256r1 k1.sig.aaa.1");
});

test("ECDSA verify test2 (secp256r1,aaa,SHA256withECDSA)", function() {
  var ecpub = new KJUR.crypto.ECDSA({'pub': '04a01532a3c0900053de60fbefefcca58793301598d308b41e6f4e364e388c2711bef432c599148c94143d4ff46c2cb73e3e6a41d7eef23c047ea11e60667de425', 'curve': 'secp256r1'});
  var sig = new KJUR.crypto.Signature({"alg": "SHA256withECDSA", "prov": "cryptojs/jsrsa"});
  sig.init(ecpub);
  sig.updateString("aaa");
  var result = sig.verify('304502202241c432b03179b65f63ac66ed9273531a7f5c00feab5e55a7921c81a8f74275022100a51a260c76a33718e77b0459b239cc709209a7da7ba9a7311059413546598ec0'); // k1.sig.aaa.2
  equal(result, true, "verify aaa SHA256withECDSA secp256r1 k1.sig.aaa.2");
});

test("ECDSA verify test3 (secp256k1,aaa,SHA256withECDSA)", function() {
  var ecpub = new KJUR.crypto.ECDSA({
    'pub': '0422353f380062b2bde67712091386faa369ec5ef1a244d06c459fe3de1fb0a5d8ad23a3878be75e375546f14ca6e42755fee04bd78c0343ac8038f5a218e1fbc5',
    'curve': 'secp256k1'
  });
  var sig = new KJUR.crypto.Signature({"alg": "SHA256withECDSA", "prov": "cryptojs/jsrsa"});
  sig.init(ecpub);
  sig.updateString("aaa");
  var result = sig.verify('30450220350cc4ac81e68fce3cd134ab1cf4ae0e853a297be0f5f0508b0abc3681ba3364022100a601afe06571a95554f722f4fd0114a3335e9e3c155b390aba53dffbb3eedfec'); // k4.sig.aaa.1
  equal(result, true, "verify aaa SHA256withECDSA secp256k1 k4.sig.aaa.1");
});

test("ECDSA verify test4 (secp384r1,aaa,SHA256withECDSA)", function() {
  var ecpub = new KJUR.crypto.ECDSA({
    'pub': '04543526abdfc47394a3f2645b0d48651a9f3a4d46d8740be322915107f050250c730ca40b37e1dc85e082b4bb181b8847bd6d0fa278bae5eb1c05474c9a4e2beec28c970be49c1949f09e96979a277a514830e32a5b9de1ec68ab99f492dd300a',
    'curve': 'secp384r1'
  });
  var sig = new KJUR.crypto.Signature({"alg": "SHA256withECDSA", "prov": "cryptojs/jsrsa"});
  sig.init(ecpub);
  sig.updateString("aaa");
  var result = sig.verify('306502303725858ae53a59a71b0d48553d5c3b0d450a4a76c1da2fd5b508cdb598607a418d7bc622006afe0655e894c2ac6b2b03023100dfffc7d84c02d0e3625a19c9305a1a8caa01fab7da4c4f847086774d5a9205f3de2fe041c76aca429c0229d3c74769b0'); // k6.sig.aaa.1
  equal(result, true, "verify aaa SHA256withECDSA secp384r1 k6.sig.aaa.1");
});

test("SHA1withECDSA verify test1 (secp256r1,aaa,SHA1withECDSA)", function() {
  var ecpub = new KJUR.crypto.ECDSA({
    'pub': '04a01532a3c0900053de60fbefefcca58793301598d308b41e6f4e364e388c2711bef432c599148c94143d4ff46c2cb73e3e6a41d7eef23c047ea11e60667de425',
    'curve': 'secp256r1'
  });
  var sig = new KJUR.crypto.Signature({"alg": "SHA1withECDSA", "prov": "cryptojs/jsrsa"});
  sig.init(ecpub);
  sig.updateString("aaa");
  var result = sig.verify('3046022100deb7e5b5b0740d59befeabea276355627357ca7de573c3812ba38381794fd38e0221009ea6a40e79a3a25e957980c0aaf13ea3fc600c40e22a446dfcaba8443f6402ce'); // k1.sig.aaa.3
  equal(result, true, "verify aaa SHA1withECDSA secp256r1 k1.sig.aaa.3");
});

test("ECDSA sign+verify test3 (secp256k1,aaa,SHA256withECDSA)", function() {
  var kp = KEYUTIL.generateKeypair("EC", "secp256k1");
  var ecpub = kp.pubKeyObj;
  var ecprv = kp.prvKeyObj;

  var sig = new KJUR.crypto.Signature({"alg": "SHA256withECDSA", "curve": "secp256k1"});
  sig.init(ecprv);
  sig.updateString("aaa");
  var hSig = sig.sign();

  var sig2 = new KJUR.crypto.Signature({"alg": "SHA256withECDSA", "curve": "secp256k1"});
  sig2.init(ecpub);
  sig2.updateString("aaa");
  var result = sig2.verify(hSig);
  equal(result, true, "verify VALID aaa SHA256withECDSA secp256k1");

  var sig3 = new KJUR.crypto.Signature({"alg": "SHA256withECDSA", "curve": "secp256k1"});
  sig3.init(ecpub);
  sig3.updateString("aab");
  var result = sig3.verify(hSig);
  equal(result, false, "verify INVALID aaa!=aab SHA256withECDSA secp256k1");

  var kp4 = KEYUTIL.generateKeypair("EC", "secp256k1");
  var ecpub4 = kp4.pubKeyObj;
  var sig4 = new KJUR.crypto.Signature({"alg": "SHA256withECDSA", "curve": "secp256k1"});
  sig4.init(ecpub4);
  sig4.updateString("aaa");
  var result4 = sig4.verify(hSig);
  equal(result4, false, "verify INVALID aaa SHA256withECDSA secp256k1 different pkey");
});

test("ECDSA sign+verify test4 (secp384r1,aaa,SHA256withECDSA)", function() {
  var kp = KEYUTIL.generateKeypair("EC", "secp384r1");
  var ecpub = kp.pubKeyObj;
  var ecprv = kp.prvKeyObj;

  var sig = new KJUR.crypto.Signature({"alg": "SHA256withECDSA", "curve": "secp384r1"});
  sig.init(ecprv);
  sig.updateString("aaa");
  var hSig = sig.sign();

  var sig2 = new KJUR.crypto.Signature({"alg": "SHA256withECDSA", "curve": "secp384r1"});
  sig2.init(ecpub);
  sig2.updateString("aaa");
  var result = sig2.verify(hSig);
  equal(result, true, "verify VALID aaa SHA256withECDSA secp384r1");

  var sig3 = new KJUR.crypto.Signature({"alg": "SHA256withECDSA", "curve": "secp384r1"});
  sig3.init(ecpub);
  sig3.updateString("aab");
  var result = sig3.verify(hSig);
  equal(result, false, "verify INVALID aaa!=aab SHA256withECDSA secp384r1");

  var kp4 = KEYUTIL.generateKeypair("EC", "secp384r1");
  var ecpub4 = kp4.pubKeyObj;
  var sig4 = new KJUR.crypto.Signature({"alg": "SHA256withECDSA", "curve": "secp384r1"});
  sig4.init(ecpub4);
  sig4.updateString("aaa");
  var result4 = sig4.verify(hSig);
  equal(result4, false, "verify INVALID aaa SHA256withECDSA secp384r1 different pkey");
});

});
-->
</script>
  
</head>
<body>
<div id="qunit"></div>
<div id="qunit-fixture">test markup</div>

<b>NOTE:</b>
<p>
In 10.4.1 or before, only secp256r1(P-256), secp256k1, and secp384r1(P-384) curves have been supported.<br/>
From 10.5.0(2021-Nov-21), secp192r1, secp224r1 and secp521r1(P-521) are also supported.<br/>
</p>

<p>
ECC related QUnit test pages: 
<a href="qunit-do-crypto.html">crypto.js</a> | 
<a href="qunit-do-crypto-ecdsa.html">crypto.js Signature class for ECDSA</a> | 
<a href="qunit-do-ecdsamod.html">ecdsa-modified.js</a> | 
<a href="qunit-do-ecdsamod-unsupport.html">ecdsa-modified unsupported curve</a> | 
<a href="qunit-do-ecdsamod-nisttv.html">ecdsa-modified NIST ECC test vector key generation test</a> | 
<a href="qunit-do-ecparam.html">ecparam.js</a> | 
</p>

</body>
</html>
